[Gllug] SeLinux and Xinetd & Rsync
Alain Williams
addw at phcomp.co.uk
Wed May 16 20:24:39 UTC 2007
On Wed, May 16, 2007 at 08:30:49PM +0100, Stuart Sears wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Alain Williams wrote:
> > Summary: SeLinx stops rsync reading /etc/rsyncd.conf
> >
> > I installed my system and needed rsync. I created a suitable
> > /etc/rsyncd.conf (mode 644, owner root:root) and turned on rsync:
> > chkconfig rsync on (and restarted xinetd for good measure).
> >
> > Whenever I try to do an rsync from another machine I get the
> > following in /var/log/messages: May 13 23:09:18 gateway
> > rsyncd[11327]: rsync: unable to open configuration file
> > "/etc/rsyncd.conf": Permission denied (13) May 13 23:09:18 gateway
> > rsyncd[11327]: rsync error: syntax or usage error (code 1) at
> > clientserver.c(741) [receiver=2.6.8]
> >
> > If I type: setenforce 0 it works fine .... so the problem is SELinux.
> > I would like to leave SELinux on, but how do I get rsync to work ?
> avc messages?
> they'll be in /var/log/messages or /var/log/audit/audit.log
> this will at least help work out what the issue is exactly...
>
> although the error may suggest that /etc/rsyncd.conf is mislabeled
> so, as well as the error logs, the output of
> ls -Z /etc/rsyncd.conf
> and
> semanage fcontext -l | grep rsync
> could help here
/etc/rsyncd.conf did not already exist, so I just made my own. I did not label it.
What seems relevant in /var/log/audit/audit.log:
type=AVC msg=audit(1179080167.711:720): avc: denied { read } for pid=10312 comm="rsync" name="rsyncd.conf" dev=dm-0 ino=67420 scontext=user_u:system_r:rsync_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file
type=SYSCALL msg=audit(1179080167.711:720): arch=40000003 syscall=5 success=no exit=-13 a0=bfb84530 a1=8000 a2=1b6 a3=9ebfa28 items=0 ppid=9946 pid=10312 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="rsync" exe="/usr/bin/rsync" subj=user_u:system_r:rsync_t:s0 key=(null)
# ls -Z /etc/rsyncd.conf
-rw-r--r-- root root user_u:object_r:tmp_t /etc/rsyncd.conf
# semanage fcontext -l | grep rsync
/srv/([^/]*/)?rsync(/.*)? all files system_u:object_r:public_content_t:s0
/usr/bin/rsync regular file system_u:object_r:rsync_exec_t:s0
None of which leaves me much the wiser, how do I label /etc/rsyncd.conf & what do I label it as ?
I must say that I feel ignorant as to how this all works, is there a readable & practical intro that you could recommend ?
I tried (wild guess) to fix thus:
semanage fcontext -a -t rsync_exec_t /etc/rsyncd.conf
but it made no difference.
Thanks
--
Alain Williams
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
#include <std_disclaimer.h>
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list